In cybersecurity, prevention is not the best medicine. Intervention is.

As we’ve learned from recent infiltrations inside the networks of leading corporations and federal government agencies, it is virtually impossible for a large organization to draw an impenetrable perimeter of defense around its data. The ‘castle model’ of cybersecurity has been found wanting.

But that does not mean the firewalls need to be taken down. Instead, our metaphorical castle must be staffed with a network of spies trained to monitor every single visitor who crosses the moat and flag any suspicious behavior they encounter.

That can be achieved with a tool called predictive behavioral analytics, a technology most often used in marketing. Combining clickstream data with machine-learning technology, behavioral analytics helps enterprises create a tailored online experience for each visitor to their web or mobile sites.

How behavioral analytics works for marketing and cybersecurity

Websites outfitted with behavioral data analytics can quickly peg visitors as impulsive purchasers, order-cancellers or anything in between — and without using stale second- and third-party data.

The program draws on the organization’s accumulated user data to interpret what each click of the mouse reveals on a visitor’s intentions — and future behavior. As more data accumulates over time, the program becomes ever more sophisticated. That’s the beauty of predictive behavioral analytics: It acts instantaneously, but it also improves with experience.

Many companies already use these types of enterprise tools to improve their customer outcomes. The common suppliers of marketing analytics are Google and Adobe. Other programs like SYNTASA’s Apache Hadoop integration software can help combine clickstream data with the enterprise data – like logistics, inventory and customer feedback.

Together, all this first-party data can help a company understand where its inefficiencies lie and conversely, what makes it most attractive to its customers, as expressed through their online behavior.

Lenovo made use of these techniques to create a more tailored customer experience for shoppers on its website. For this, the company combined three programs: Clickstream data, which contains customer behavior; Hadoop, to develop analytics categories; and SYNTASA, to apply the analytics scheme onto the raw data.

The behavioral clusters were then applied to the entire dataset captured by clickstream data, through SYNTASA’s indexing function. This indexing went so far as to include cookie-level data, said Braganza, Director of Global Business Intelligence at Lenovo.

This allowed the company to broaden the range of user experience on its website in a targeted way, increasing its conversion rate threefold. “When the visitor comes to the website,” said Braganza, “we’re able to change the experience of that customer in real time.”

In another example, Lenovo used behavioral analytics to focus its advertising resources on visitors who were more likely to buy products. The company was able to cut display ads, for instance, on those who had a history of placing an item in their shopping cart without completing a purchase.

“Now we are able to display retarget just the high-value audiences,” said Harrison Burch of Lenovo Global Business Intelligence. This allowed the company to cut down on 90% of its retargeting expenditures, he added.

Finding needles in haystacks

What does all this mean for cybersecurity? If it is possible to predict the direction an online user will take with such sophistication, it is also possible to identify a bad guy before they strike.

In real life, a talented burglar does not enter a house by crashing through any random door. To find the best possible opening and time of day to break in, the burglar might walk by the house repeatedly, and stare. This is suspicious behavior.

In the same way, a well-prepared hacker will often infiltrate the system gradually, starting out by poking here and there at various openings and vulnerabilities. Such behavior stands out online, too.

In a haystack, you can find all kinds of needles in addition to the one you were originally looking for. And if a hack does happen, the program will be more accurate the next time around in determining whether a visitor is exhibiting hacker tendencies.